<?php

//修改商品信息，提交
header('Content-Type: application/json');
Header('Access-Control-Allow-Methods:GET,POST,PUT,DELETE');
header("Access-Control-Allow-Headers: Content-Type");
header('Access-Control-Allow-Origin:*');   //跨域

require './mysql_init.php';

//检查数据是否正常
function limit_up_data($session_id){
    $flag=1;
    if(gettype($session_id) != 'string'){
        $flag=0;
    }
    if(strlen($session_id) < 2 || strlen($session_id) > 300){
        $flag=0;
    }
    return $flag;
}
//获取邮箱
function get_email($pdo,$session_id){
    try {
        // 准备查询语句
        $query = "SELECT email FROM session WHERE session_id = ?";
        $statement = $pdo->prepare($query);
        $statement->bindParam(1, $session_id);
        // 执行查询
        $statement->execute();
        // 获取结果
        $result = $statement->fetchAll()[0]['email'];      //把查询结构赋值给$count
        return $result;
    } catch (PDOException $e) {
        // 异常处理
        // echo "Error querying database: " . $e->getMessage();
        return -1; // 表示查询出错
    }
}
//获取uid
function get_uid($pdo,$email){
    try {
        // 准备查询语句
        $query = "SELECT uid FROM users WHERE email = ?";
        $statement = $pdo->prepare($query);
        $statement->bindParam(1, $email);
        // 执行查询
        $statement->execute();
        // 获取结果
        $result = $statement->fetchAll()[0]['uid'];      //把查询结构赋值给$count
        return $result;
    } catch (PDOException $e) {
        // 异常处理
        // echo "Error querying database: " . $e->getMessage();
        return -1; // 表示查询出错
    }
}
//判断是否是商家
function is_seller($pdo,$uid){
    try {
        // 准备查询语句
        $query = "SELECT count(*) FROM sellers WHERE user_uid = ?";
        $statement = $pdo->prepare($query);
        $statement->bindParam(1, $uid);
        // 执行查询
        $statement->execute();
        // 获取结果
        $result = $statement->fetchAll()[0]['count(*)'];      //把查询结构赋值给$count
        return $result;
    } catch (PDOException $e) {
        // 异常处理
        // echo "Error querying database: " . $e->getMessage();
        return -1; // 表示查询出错
    }
}
//获取商家id
function get_sellerid($pdo,$uid){
    try {
        // 准备查询语句
        $query = "SELECT seller_id FROM sellers WHERE user_uid = ?";
        $statement = $pdo->prepare($query);
        $statement->bindParam(1, $uid);
        // 执行查询
        $statement->execute();
        // 获取结果
        $result = $statement->fetchAll()[0]['seller_id'];      //把查询结构赋值给$count
        return $result;
    } catch (PDOException $e) {
        // 异常处理
        // echo "Error querying database: " . $e->getMessage();
        return -1; // 表示查询出错
    }
}
//判断该用户是否有此商品
function limit_is_user_goods($pdo,$goods_id,$seller_id){
    try {
        // 准备查询语句
        $query = "SELECT count(*) FROM goods WHERE goods_id=? and seller_id=?";
        $statement = $pdo->prepare($query);
        $statement->bindParam(1, $goods_id);
        $statement->bindParam(2, $seller_id);
        // 执行查询
        $statement->execute();
        // 获取结果
        $result = $statement->fetchAll()[0]['count(*)'];      //把查询结构赋值给$count
        return $result;
    } catch (PDOException $e) {
        // 异常处理
        // echo "Error querying database: " . $e->getMessage();
        return -1; // 表示查询出错
    }

}
//判断请求参数的长度
function judge_lenth($judge_len){
    foreach($judge_len as $i=>$n){
        if($i==0){
            if(strlen($n) <=0){
                return 3;
            }elseif(strlen($n) >=100){
                return 4;
            }
            
        }elseif($i==1 || $i==2){
            if(strlen($n) >8 || strlen($n) <=0){
                return 1;
            }elseif($n<0){
                return 2;
            }
        }
    }
    return 0;
}
//更改商品信息
function change_goods_news($pdo,$goods_id,$goods_name,$goods_prace,$goods_count){
    try {
        // 准备修改语句
        $query = "UPDATE goods SET name=?, price=?,count=? WHERE goods_id=?;";
        $statement = $pdo->prepare($query);
        $statement->bindParam(1, $goods_name);
        $statement->bindParam(2, $goods_prace);
        $statement->bindParam(3, $goods_count);
        $statement->bindParam(4, $goods_id);
        // 执行查询
        $statement->execute();
        // 获取结果
        $result = $statement->rowCount();      //把查询结构赋值给$count
        return $result;
    } catch (PDOException $e) {
        // 异常处理
        // echo "Error querying database: " . $e->getMessage();
        return -1; // 表示查询出错
    }

}

if($_SERVER['REQUEST_METHOD'] === 'POST'){
    $json=file_get_contents('php://input');  //获取post请求中的原始数据
    $post_json=json_decode($json,true)['data'];       //把原始数据转化成json

    $session_id=$post_json['session_id'];
    $goods_id=$post_json['goods_id'];

    $goods_name=$post_json['goods_name'];
    $goods_prace=$post_json['goods_prace'];
    $goods_count=$post_json['goods_count'];

    $judge_len=[$goods_name,$goods_prace,$goods_count];
    
    $response = array(
        'status' => 0,
        'message' =>'初始化'
    );
    if(limit_up_data($session_id)==1 && judge_lenth($judge_len)==0){      //验证上传的session_id数据类型是否合法
        if(gettype(get_email($pdo,$session_id))=='string'){
            $email=get_email($pdo,$session_id);
            $uid=get_uid($pdo,$email);

            if(is_seller($pdo,$uid) ==1){
                $seller_id=get_sellerid($pdo,$uid);
                if(limit_is_user_goods($pdo,$goods_id,$seller_id)){
                    $n=change_goods_news($pdo,$goods_id,$goods_name,$goods_prace,$goods_count);
                    $response = array(
                        'status' => 1,
                        'message' =>'修改成功'
                    );
                }else{
                    $response = array(
                        'status' => 0,
                        'message' =>'篡改别人的私密信息是违法行为，立即停止'
                    );
                }
            }else{
                $response = array(
                    'status' => 0,
                    'message' =>'不是商家'
                );
            }
        }else{
            $response = array(
                'status' => 0,
                'message' => '用户不存在'
            );
        }
    }else{
        $response = array(
            'status' => 0,
            'message' => '数据类型错误'
        );
    }

    echo json_encode($response);
} else{             //如果不是post请求
    $response = array(
        'status' => 0,
        'message' => '不是请求'
    );
    echo json_encode($response);
}
?>